CVE-2019-11983

HIGH

HPE iLO 4 <v2.61b - Buffer Overflow,HPE iLO 5 <v1.39 - Buffer Overflow

Title source: llm

Description

A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.

References (1)

[Vendor Advisory] https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us

Scores

CVSS v3 7.0

EPSS 0.0066

EPSS Percentile 70.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Classification

CWE

CWE-119

Status published

Affected Products (2)

hp/integrated_lights-out_5_firmware < 1.39

hp/integrated_lights-out_4_firmware < 2.61b

Timeline

Published Jun 05, 2019

Tracked Since Feb 18, 2026